Birthday Reminder looks benign but the devil’s in the details: Hooks DNS, serves dodgy ads

The strange behavior of a simple Windows application caught our attention and sparked ESET’s analysis of previously undocumented malware. A contact at the Norwegian HealthCERT — following a question about this from the regional healthcare provider Sykehuspartner — reached out to us asking about DNS queries to domains with the format [0-9a-f]{60}.smoke. There is no .smoke top-level domain, …

If you download Minecraft mods from Google Play, read on …

Minecraft players have been exposed to scams and aggressive ads brought by 87 fake Minecraft mods recently spotted on Google Play. The apps can be divided into two categories – the ad-displaying downloader detected by ESET as Android/TrojanDownloader.Agent.JL and fake apps redirecting users to scam websites, detected as Android/FakeApp.FG. Altogether, the 87 fake mods reached …

Aggressive ad-displaying Google Play app tricks users into leaving high ratings

ESET researchers have observed an increased number of apps on Google Play using social engineering techniques to boost their ratings, ranging from legitimate apps, through adware to malware. Among these falsely high-ranking apps, an aggressive ad-displaying trojan was spotted, installed by up to 5,000 users as a tool to download content from YouTube. The app, …

Spotify Free hits sour note with infected ads

Some users of the ad-supported music streaming service Spotify Free got more hits than they bargained for, according to numerous reports. It all started on Tuesday (4th), when one of its users reported an issue to their forum. It read: There’s something pretty alarming going on right now with Spotify Free. This started several hours ago. If …